nixos/tests/vault.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

import ./make-test-python.nix ({ pkgs, ... }:
{
  name = "vault";
  meta = with pkgs.lib.maintainers; {
    maintainers = [ lnl7 ];
  };
  machine = { pkgs, ... }: {
    environment.systemPackages = [ pkgs.vault ];
    environment.variables.VAULT_ADDR = "http://127.0.0.1:8200";
    services.vault.enable = true;
  };

  testScript =
    ''
      start_all()

      machine.wait_for_unit("multi-user.target")
      machine.wait_for_unit("vault.service")
      machine.wait_for_open_port(8200)
      machine.succeed("vault operator init")
      # vault now returns exit code 2 for sealed vaults
      machine.fail("vault status")
      machine.succeed("vault status || test $? -eq 2")
    '';
})